General
-
Target
c0813ea36f4e0c784504095dd6979edc_JaffaCakes118
-
Size
575KB
-
Sample
240825-l57ptaycqf
-
MD5
c0813ea36f4e0c784504095dd6979edc
-
SHA1
97a8afe32535c19261e0267a66af28a17c9268d4
-
SHA256
adc621e6c68c2474ffd5f7f5c1f0d6d8666e4829a7593e6041b8aa4ba116419c
-
SHA512
e78205f6846dbc9500d6c29dfee2e43382e269294d1d46592544fa1ceedf77edfb36b9ec374576bbbc4aa4bc96225106156daaff70805b60e93fb0b0349e25ca
-
SSDEEP
12288:ryAYktRsevrqpLbFNPwM5j4pchFY2/i6neqGfQDpvtRRHociDC8CT8vSD:rQaRsmqNPwMZ46hFY2/5zGfGoZ96D
Behavioral task
behavioral1
Sample
c0813ea36f4e0c784504095dd6979edc_JaffaCakes118.exe
Resource
win7-20240704-en
Malware Config
Targets
-
-
Target
c0813ea36f4e0c784504095dd6979edc_JaffaCakes118
-
Size
575KB
-
MD5
c0813ea36f4e0c784504095dd6979edc
-
SHA1
97a8afe32535c19261e0267a66af28a17c9268d4
-
SHA256
adc621e6c68c2474ffd5f7f5c1f0d6d8666e4829a7593e6041b8aa4ba116419c
-
SHA512
e78205f6846dbc9500d6c29dfee2e43382e269294d1d46592544fa1ceedf77edfb36b9ec374576bbbc4aa4bc96225106156daaff70805b60e93fb0b0349e25ca
-
SSDEEP
12288:ryAYktRsevrqpLbFNPwM5j4pchFY2/i6neqGfQDpvtRRHociDC8CT8vSD:rQaRsmqNPwMZ46hFY2/5zGfGoZ96D
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-